1 . A method of administering a computer network, the method comprising: 

providing an enrollment administration system for specifying enrollment rules; 

providing an enrollment system configured to communicate with the enrollment 

administration system to permit enrolling a first networked resource if permitted 
by specified enrollment rules; and 

providing a remote access system for granting a user remote access to the first networked 
resource if the user successfully enrolled the first networked resource. 

2. The method of claim 1 wherein the networked resource is a computer. 

3. The method of claim 1 wherein the remote access system denies remote access to the first 
networked resource to a user that has not enrolled the first networked resource. 

4. The method of claim 1 wherein the remote access system is provided for installation on 
the first networked resource. 

5. The method of claim 1 wherein the remote access system is provided for installation on a 
shared network resource, and the remote access system grants remote access to the first 
networked resource and a second networked resource subject to the specified enrollment rules 
and the user's enrollment of the first networked resource and the second networked resource. 

6. The method of claim 1 wherein the enrollment system disallows enrolling the first 
networked resource from a remote console. 

7. The method of claim 1 wherein the enrollment system requires enrolling the first 
networked resource from console physically-attached to the first networked resource. 
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8. The method of claim 1 wherein the remote access comprises remote access to the desktop 
of the first networked resource. 

9. The method of claim 1 wherein the enrollment system is a network application. 

1 0. The method of claim 9 further comprising providing a locator system for determining the 
location of a user attempting to enroll the first networked resource. 

1 1 . The method of claim 1 0 wherein enrolling the first networked resource is further subject 
to the determined location. 

12. A computer system comprising: 

an enrollment administration system for specifying enrollment rules; 

a first networked resource configured to communicate with the enrollment administration 
system; 

a remote device configured to communicate with the first networked resource via a 
communications channel; 

an enrollment system for enrolling the first networked resource if permitted by the 
specified enrollment rules; and 

a remote access system for granting a user of the remote device remote access to the first 
networked resource if the first networked resource was successfully enrolled. 

1 3 . The computer system of claim 1 2 wherein the first networked resource is a computer. 

14. The computer system of claim 12 wherein the remote access system denies remote access 
to the first networked resource to a user of the remote device that has not enrolled the first 
networked resource. 
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15. The computer system of claim 12 wherein the remote access system is installed on the 
first networked resource. 

16. The computer system of claim 12 wherein the remote access system is installed on a 
shared network resource, and the remote access system grants a user of the remote device access 
to the first networked resource and a second networked resource subject to the enrollment rules 
and the user's enrollment of the first and second networked resources. 

17. The computer system of claim 12 wherein the enrollment system disallows enrolling the 
first networked resource from a remote console. 

18. The computer system of claim 1 2 wherein the enrollment system requires enrolling the 
first networked resource from a console physically-attached to the first networked resource. 

19. The computer system of claim 12 wherein the remote access to the first networked 
resource comprises remote access to the desktop of the first networked resource. 

20. The computer system of claim 12 wherein the enrollment system is a network 
application. 

2 1 . The computer system of claim 20 further comprising a locator system for determining the 
location of a user attempting to enroll the first networked resource. 

22. The computer system of claim 21 wherein enrolling the first networked resource is 
further subject to the determined location of user. 

23. The computer system of claim 12 wherein the enrollment administration system 
comprises an enrollment database that stores a list of networked resources a user has enrolled. 

24. A method of network administration comprising: 
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specifying an enrollment rule; 

enrolling a first networked resource if permitted by the specified enrollment rule; 

granting a user remote access to the first networked resource from a remote device if the 
user had previously successfully enrolled the first networked resource; and 

denying an user access to the first networked resource from the remote device if the user 
had not previously successfully enrolled the first networked resource. 

25. The method of claim 24 wherein the first networked resource is a computer. 

26. The method of claim 24 wherein specifying an enrollment rule further comprises: 
defining a plurality of groups of users; 

defining a plurality of groups of networked resources; and 

specifying a group of networked resources that a group of users is permitted to enroll. 

27. The method of claim 24 wherein enrolling the first networked resource is disallowed 
from a remote console. 

28. The method of claim 24 wherein enrolling the first networked resource requires the user 
to enroll from a console physically attached to the first networked resource. 

29. The method of claim 24 wherein granting access to the first networked resource 
comprises granting access to the desktop of the first networked resource. 



25 



